crystalboy Posted June 5, 2017 Posted June 5, 2017 Quote We’re one week away from the launch of the second LabyREnth Capture the Flag (CTF) challenge! It’s time to give all you players some more details on what you’re going to see next week. We’ve got five tracks this year, and they’re a little different from last year. The skills we’ll be focusing on this year are the following: Working with binaries (PE files, ELF files, Mach-O files, etc.) Working with documents (MS Office Files, PDF Files, etc.) Working with Mobile and IOT files (iOS, Android, ARM, MIPS, etc.) Understanding the Threat Landscape (Yara, Networking, Intel, etc.) Programming While you’re in the LabyREnth, look out for some other challenges hidden throughout the CTF. Complete them quickly and you could win one of our individual first to solve prizes (tablets, VR equipment, etc.). Or just finish challenges in the five tracks to win some of the $32,000 in cash prizes we’re giving away this year! The overview, rules, and most importantly prize structure can all be seen at http://labyrenth.com. We’ve selected these tracks and challenges as we believe they form the cross-section of skills necessary to be a solid security researcher. We’ll be revealing hints and more information about the challenges throughout the CTF. We look forward to seeing you at 4pm PST on June 9! Official site: http://labyrenth.com/Announcement: https://researchcenter.paloaltonetworks.com/2017/04/unit42-labyrenth-ctf-2017/ 2
kao Posted June 6, 2017 Posted June 6, 2017 Unfortunately for that weekend I have some other plans in "real life". So, I'll take part in it but only starting on Monday.. Last year it was THE best CTF challenge I tried, so I can wholeheartedly recommend it to everyone. 4
akkaldama Posted June 10, 2017 Posted June 10, 2017 Does anyone get invalid characters in final part of mobile 1?
xoring Posted June 10, 2017 Posted June 10, 2017 Did anyone try to run the first windows executable in windows 7 x32? Am I the only one who gets a crash?
evandrix Posted June 10, 2017 Posted June 10, 2017 i'm stuck on Document #3 - got the images from usb.pcap, then what?
evandrix Posted June 11, 2017 Posted June 11, 2017 23 hours ago, evandrix said: i'm stuck on Document #3 - got the images from usb.pcap, then what? nvm, solved it~
crystalboy Posted June 11, 2017 Author Posted June 11, 2017 Someone can give an hint on programming level 3? I can't find any logic strategy for this. It seems completely random
Loki Posted June 12, 2017 Posted June 12, 2017 (edited) It's an odd one... did you figure it out? The paths are obviously walkable, and you can turn corners, but it seems to be randomly generated and empty apart from the ascii when you hit a wall. Most 'mazes' are just L-shaped for me There is an odd thing where you can get stuck and no matter how much you turn, it's just walls.... not sure if that is significant? The hint says that the game is a 'cheater' and that the move from 1st to 3rd person is tricky.... Edited June 12, 2017 by Loki
crystalboy Posted June 12, 2017 Author Posted June 12, 2017 Absolutely not i am stucked with that, i leaved it there and working on other tracks. Yes when you hit a wall ascii is printed. I saw also the 'bug' when you are stucked and there are only closed walls in each direction, in that case i just reboot the python because you can do everything but you will never exit from that damned walls. I sincerely can't find a tactic to defeat that, it seems completely without a logic... and very annoying.
Downpour Posted June 12, 2017 Posted June 12, 2017 Well I don't have much time to do these challenges because of university but I've already solved binary #1 in my free time and I think this time either the challenges are way harder or I'm just out of practice.. But still they are fun to solve and I will do my best to solve atleast all binary ones if possible..
akkaldama Posted June 13, 2017 Posted June 13, 2017 (edited) Any help on '%easymath%' ? It seems like 'Final part' ends in an exception(intentional?). @xoring, I think it is tricky . regards, Br. akkaldama Edited June 13, 2017 by akkaldama
kao Posted June 13, 2017 Posted June 13, 2017 @Castor: yep, first challenges of binary track are more difficult. No more base64 or xor, it's proper reversing this year. Other tracks aren't that hard. @akkaldama: there shouldn't be an exception. 2
evandrix Posted June 13, 2017 Posted June 13, 2017 for Documents #04, do i have to bruteforce the RC4 key? using the one provided to decrypt gives a non-ASCII-only string...
Downpour Posted June 13, 2017 Posted June 13, 2017 @kao you mean after Binary #2? Well I will sit down later and complete it, I currently only know pieces of it but no idea on how to get the correct flag, if I just have to edit the .exe or code my own program to get the correct flag but hey that's what makes it fun
Mr. J Posted June 13, 2017 Posted June 13, 2017 (edited) 10 hours ago, evandrix said: for Documents #04, do i have to bruteforce the RC4 key? using the one provided to decrypt gives a non-ASCII-only string... check your key length@kao the document track is also way more difficult, which seems to be the case for all tracks Edited June 13, 2017 by Mr. J
evandrix Posted June 13, 2017 Posted June 13, 2017 (edited) 14 minutes ago, Mr. J said: check your key length !@#$% sneaky problem author~!! Edited June 13, 2017 by evandrix
kao Posted June 14, 2017 Posted June 14, 2017 @evandrix: I got stuck at the same place. Solved now, but my emotions were exactly the same.. 1
Etor Madiv Posted June 16, 2017 Posted June 16, 2017 Any idea to solve Binary #2 ? Any one have any idea how to get the flag.
kao Posted June 17, 2017 Posted June 17, 2017 @Etor Madiv: did you read the hint that was given together with the task? Hint: Alice, follow the clockmaker into the rabbit hole -> labytime.com . 1
evandrix Posted June 17, 2017 Posted June 17, 2017 (edited) <redacted> Edited June 17, 2017 by evandrix
kao Posted June 17, 2017 Posted June 17, 2017 (edited) After finishing docs... Quote You see @evandrix sitting in the corner of the room. Just wanted to say hi! Edited June 17, 2017 by kao
Etor Madiv Posted June 17, 2017 Posted June 17, 2017 11 hours ago, kao said: @Etor Madiv: did you read the hint that was given together with the task? . @kao I read the hint but i didn't get the point, it is mysterious maybe.
kao Posted June 17, 2017 Posted June 17, 2017 @Etor Madiv: Spoiler labytime.exe generates flag which you need to submit to labytime.com. Unfortunately, the flag expires very fast.. 1
Etor Madiv Posted June 17, 2017 Posted June 17, 2017 48 minutes ago, kao said: @Etor Madiv: Reveal hidden contents labytime.exe generates flag which you need to submit to labytime.com. Unfortunately, the flag expires very fast.. @kao Spoiler So the algorithm that generate the PAN{hash} must be reused to send that quickly via a post request ? because I thought that the flag is something that does not begin with PAN{
crystalboy Posted June 17, 2017 Author Posted June 17, 2017 @Etor Madiv Spoiler You should just be faster. You can send it or just copy and paste it on the website but you must be fast! 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now